Email is the first thing most of us check as soon as we wake up. It is a typical way of communicating with work colleagues, family, and friends. But, unfortunately, your email inbox could also be the primary source of a potential cyber attack. Hundreds of different email cyber threats lurk on the world wide web right now.
It is due to the non-existent security practices of some users. It is fundamental to use a password generator, avoid connecting to the public Wi-Fi, and learn how to spot phishing, among other things. Cybercriminals are getting craftier as we speak, so we have to keep up the pace. If you want to find out how to keep your email inbox safe, keep reading!
1. Always Use Strong Passwords
Having a strong and unique password is the first line of defense against email cyber threats. Unfortunately, some of us still type in the same password since high school or go for something easy to remember. According to PCMag, the top 3 most used passwords in 2020 were “123456”, “123456789”, and “picture1.” Alongside were “qwerty”, “abc123”, and “Million2.”
Little hacking is needed to break such passwords because you can simply guess that it might be “qwerty” and access the account. Hackers use password-guessing software that tries out millions of different combinations until they get the right one. But there is a way to make your password difficult to guess.
A secure password contains the following: numbers, special characters, and upper and lower case letters. Of course, don’t include your details like a birthday, hometown, college, and so on. If you want to make sure your login data is extra safe, try out a password generator. This tool can come up with a password that is impossible to hack. Additionally, you can use a password generator every time you create a new account, and each password will be one of a kind.
Another strong recommendation from cybersecurity experts is to use a password manager. Password managers allow having dozens of unique, long, and complex passwords and store them in an encrypted vault. Advanced password managers have zero-knowledge architecture, which means that only the original user can access the encrypted vault and nobody else. In addition, the vault is encrypted on the user device level and uploaded to the cloud in an encrypted form, which means that even password managers’ staff cannot gain access to it. This is a massive boost to both online safety and digital privacy.
2. Learn How to Recognize Phishing
Phishing is probably one of the most common email cyber threats at the moment. Cybercriminals frequently exploit emails and try to convince the recipient to click on a link or even directly ask to transfer some money. Cybercriminals prey on users who don’t read through an entire email or rarely pay attention to details. They select familiar websites that offer services like Netflix, Facebook, Instagram, your bank, and so on. There is often some call to action included in an email too. So a user will be redirected to a fake login screen.
For example, you may receive an email that looks like it’s coming from your bank. Moreover, it addresses you by your real name, has your actual address in it, maybe some card details. But unknown to you, this information was gathered from data leaks and is used to forge a convincing phishing email. The more data hackers can obtain from previous data leaks, the more compelling the email.
But things don’t stop there. A viral phishing method is to create a mirror site and lure the victim into it. For example, cybercriminals create a web page that looks absolutely identical to your bank’s, and they include a link to it in a phishing email. Once you go to that page, you’re asked to log in, and when you input login details, the hackers use them to log in to your real bank account and empty it.
How can you identify a phishing attempt? The easiest thing is to take a look at the sender’s email. It might be spoofed and look legit, but not everyone takes additional effort, and you may find a hint there. For example, you may receive an email from “email@example.com”, but would Amazon really use Gmail to send their official emails? Also, if it doesn’t have an official domain, it most likely is phishing.
Then look at the wording. Chances are, this email has numerous grammatical errors. First of all, not all hackers know English very well. Second, the email may be automated, and you will notice some suspicious parts that would look like Google translator wrote it. Third, take a very close look at how you are addressed. If you’re addressed as “Mr.” or “Mrs.” instead of your real name, that’d be an indicator of phishing.
Lastly, carefully analyze any links. The link’s text may look fine and show your bank’s Internet address, but hover over it to see the actual address at the bottom of the screen. If it’s phishing, it will be a long address you’ve never seen before, and you shouldn’t go there. Instead, it’s best to call your bank via the phone and verify whether the email is authentic.
All in all, take a closer look at details, especially if an email seems fishy.
3. Don’t Open All Attachments
If you tend to get a lot of mail daily, chances are there will be some attachments in the mix too. These are usually school or work-related. But remember that downloading or opening attachments from unknown senders is extremely dangerous. So it is best to mark them as junk and move on. But you can’t throw away every message you receive just because it contains a file too.
It is where antivirus programs might help. Consider antivirus like your last line of defense. First, of course, you want to develop good cybersecurity habits, like managing your passwords properly and knowing how to avoid phishing. But the truth is nobody can be 100% safe, and antivirus is there to help when malware manages to get through. This software scans all emails you get and isolates the potentially harmful messages. Plus, these apps have excellent spam filters that will prevent hackers from sending you any similar email cyber threats in the future. Antivirus software will also regularly scan your data drives and alert you if something suspicious is found.
4. Avoid Accessing Your Email From Public Wi-Fi
Public Wi-Fi networks are easily hackable. A laptop and a wireless access point are enough to set up an Evil Twin attack. And if you mistakenly connect to such a network, cybercriminals can monitor all of your activities and steal sensitive data if you use it while there.
Another way is to attack an already established network. For example, it can be a public library. Hackers can connect to such a network and then, exploiting known vulnerabilities, declare his or her device to be the administrator of the network. Once they do that, hackers control all the traffic within the network. Thus, your personal information and your email will be up for grabs. Therefore, stay away from public Wi-Fi networks if possible.
There are other more secure ways to check your email if you are out of your office or on the go. For instance, creating a hotspot on your phone is a great idea. Most of us use mobile internet, and you could share it with other devices you have. Another piece of advice would be to use a VPN. Virtual Private Networks are designed to provide additional encryption. This is great for public Wi-Fi because even if you’ve connected to an exploited network, encryption will ensure your data remains indecipherable. And if you’re doing a lot of shopping online and tend to do that on public Wi-Fi, then a VPN is absolutely mandatory.
5. Use a Spam Filter
Spam filters are there to identify unwanted messages and remove them from your inbox. Gmail does a great job with this most of the time, and their spam filter is incredible. Most other email providers also have exceptional spam filters to help combat the ever-evolving email cyber threats. First, of course, you have to turn on the filter, so make sure you complete this step.
Gmail allows you to customize your spam filter. You can type in words or phrases, and messages containing them will be automatically removed from your inbox. It is an excellent tool that can help avoid scams or malware if you are familiar with the wording used in those emails.
Lastly, don’t subscribe to every newsletter or service online. You’ll receive so many emails it will be hard to tell which came from where, and such chaos never helps. Furthermore, when you subscribe, you give out personal information on how to contact you, and if a particular service has a vulnerability and leaks your data, it can be used against you.
About the Author
I am a digital marketer, brand consultant, and business strategist with Designhill, a reliable marketplace for logo design, business cards, web design, T-shirt printing, and other graphic design products. With extensive experience working both client-side and within the agency environment, he has authored several articles on topics related to digital marketing, business strategies, and content marketing.